问题
I have a grpc-go server running in docker container, listening on 0.0.0.0:8080. I found this to be working after having failures with listening on localhost or 127.0.0.1 in a docker container - and it only failed running in a docker container, not if I go run on the same machine.
Also a simple web server did work listening on localhost or 127.0.0.1.
I found that 0.0.0.0 is listening on any network adapter - but found no other explanations.
Well, problem solved - but I am looking for an explanation - do you know?
回答1:
Networking is one of the namespaces in docker, similar to the pid and filesystem namespaces. If you kill pid 1 inside a container, that kills the process inside the container and not systemd/init on the host (as long as you don't override the namespace). And if you rm -rf /bin inside a container, that deletes files from that container, not from the host (as long as you don't have a volume mount). Similarly, the loopback network (localhost or 127.0 0.1) in a namespace refers to just that namespace, not the host.
Thinking about it from a higher level, loopback on the host is only reachable from that host, you cannot access it from another host, or an external load balancer. Namespaced networking works very similar. Loopback inside the container can be reached by other processes inside that same network namespace, but not containers in other namespaces, and not from the host with port forwarding since that forwards to the virtual network interface, similar to how an external load balancer forwards to the host network interface.
来源:https://stackoverflow.com/questions/56197982/why-0-0-0-0-is-working-and-localhost-or-127-0-01-is-not